Information Security Officer

Broster Buchanan Ltd,
Birmingham, West Midlands
Job Type: Full-time
Salary: £60,000 per annum

Overview

Information Security Officer - Birmingham based, salary up to £72,000 for the right level and experience.

The main criterion is having taken a client through ISO27001 certification. Not aligned, working to, compliant to, etc., but actually completed the external certification and gained said ISO27001 certification. My client wants someone with technical understanding who is business focused as well. If you have done this and can talk me through your experience, read on for the rest of the advert and apply.

I am working with a large Technology business based in Birmingham, who are looking to achieve an ISO 27001 certification for what will be the UK's largest in-house Automation function. They are therefore looking for an experienced Information Security Officer who will provide guidance to the central team and a number of internal business units to ensure delivery and oversight of an effective Information Security framework within Operational Excellence.

As the Information Security Officer you will be responsible for:

- Assisting the business in gaining and maintaining the ISO/IEC 27001 certification.
- Contributing to formulating the ISMS scope, framework and structure.
- Assisting in the development and maintenance of policies, standards and procedures to support the ISMS.
- Providing specialist Information Security input to support business operations and change initiatives to ensure the security risks are identified and managed.
- Producing security risk assessments using formal risk methodologies based on threats.
- Maintaining up-to-date knowledge of ISO standards, threats, countermeasures, best practices, and technologies.
- Developing and documenting secure processes with the technical teams.
- Conducting investigations, analysis and review following breaches of information security controls and preparing recommendations for appropriate improvements.
- Producing written reports, status updates and MI on request to support decision making within the management systems governance programme.
- Designing and implementing compliance metrics and KPI reporting.
- Providing guidance and support to enable the business to comply with contractual requirements such as (ISO27001/PCI DSS/Cyber Essentials/HMG Security Policy Framework) and with Company Policies and Standards.

As the Information Security Officer you will need experience and skills in the following:

- Proven experience in ISO27001 implementations.
- Proven experience in formal risk methodologies, risk management and risk treatment.
- Good technical knowledge of network, infrastructure and application security.
- Sound knowledge of industry best practices such as OWASP and NCSC guidance.
- Able to solve problems identified through audits, risk assessment and incidents.
- Experience in report writing, policy and standards writing, delivering presentations and developing dashboards/reports.
- Knowledge of DevOps and DevSecOps.

Technical expertise and experience should cover:

- Application Security
- Operational Security
- DevOps
- Relevant certifications such as ISO Lead Auditor/Implementor, CISSP, CISM, SANS, CEH, CCSK, CCSP, SABSA
- SIEM (Splunk/QRadar/Azure Sentinel)

This is a permanent Information Security Officer role based out of Birmingham with a salary on offer up to £72,000.